Google has successfully thwarted a potential cyberattack by identifying a zero-day vulnerability with the aid of AI technology. The Google Threat Intelligence Group revealed that the vulnerability was located in a Python script, which could have allowed users to bypass two-factor authentication on a widely-used open-source web-based system administration tool. Although Google did not specify if its AI Gemini was responsible for the discovery, the vulnerability was disclosed to the affected provider under Responsible Disclosure, halting any associated malicious activities.
The incident highlights the growing role of AI in cybersecurity, suggesting that AI-driven cyberattacks may be on the rise. The malicious code’s structured format, resembling training data for large language models, and the complexity of the vulnerability, which would be challenging to detect with traditional tools, suggest AI involvement. AI models are particularly adept at identifying hidden logic errors that appear correct to standard scanners but are flawed from a security standpoint.
This development points to a new era where AI tools can be leveraged both for enhancing IT security and by cybercriminals for attacks. The AI model Claude Mythos Preview, known for its exceptional vulnerability detection capabilities, is currently restricted to select companies to improve security, resulting in a surge of identified and resolved software vulnerabilities. While organizations like Mozilla are optimistic about the potential to discover all software errors, the threat of AI-assisted cyber threats remains a pressing concern.
